Data warehouse raises worries
HealthCare.gov customers’ info stored ‘indefinitely.’
— A government WASHINGTON data warehouse that stores personal information on millions of HealthCare.gov customers is raising privacy concerns at a time when major breaches have become distressingly common.
A government privacy assessment dated Jan. 15 says data “is maintained indefinitely at this time,” but the administration said this month that no final time frame has been decided, and the National Archives has recommended a 10-year retention period.
Known as MIDAS, the system is described on a federal website as the “perpetual central repository” for information collected under President Barack Obama’s health care law.
The information stored includes names, Social Security numbers, birthdates, addresses, phone numbers, passport numbers, employment status and financial accounts.
The vast scope of the information — and the lack of a final plan for destroying old records nearly four years after the system was commissioned — have raised concerns about privacy and the government’s judgment on technology.
“A basic privacy principle is that you don’t retain data any longer than you have to,” said Lee Tien, a senior staff attorney with the Electronic Frontier Foundation.
“Even 10 years feels long to me,” Tien said.
The Obama administration says MIDAS is essential to the smooth operation of the health care law’s insurance markets and meets or exceeds federal security and privacy standards. “MIDAS is a critical piece of the marketplace ecosystem,” said spokesman Aaron Albright.
But Sen. Orrin Hatch, RUtah, called the administration’s approach “careless.”
“Despite (a) poor track record on protecting the private information of Americans, they continue to use systems without adequately assessing these critical components,” said Hatch, an opponent of the health care law.
Electronic record-keeping systems are standard for businesses and government agencies. They are supposed to have limits on how long they store personal data.
In the new wired world, every few weeks brings another security breach. Personnel records of millions of federal employees, including background information for security clearances, were compromised. Earlier this year, health insurer Anthem reported that information on 80 million customers was hacked.
Before HealthCare.gov went live in 2013, Obama administration officials assured lawmakers and the public that an individual’s personal information would be used mainly to determine eligibility for coverage, and that the Affordable Care Act would have a limited impact on privacy.
Marilyn Tavenner, the Medicare administrator at the time, told a congressional hearing: “We especially focused on storing the minimum amount of personal data possible,” she added.
MIDAS has been criticized in opinion articles by former Social Security commissioner Michael Astrue, a Republican who disapproves of Obama administration policies. Independent experts on technology and privacy echoed some of the concerns.
“I accept they have an operational reason ... to keep data for a reasonable period,” said Astrue, commissioner from 20072013. But there’s no justification for keeping data indefinitely, he added. “I don’t think they should be allowed to do it.”
Michelle De Mooy, deputy director for consumer privacy at the Center for Democracy & Technology, said consumers have no way of knowing that their data is being routed to MIDAS. It’s not mentioned on the HealthCare.gov website.
“When people go to government services sites, they don’t have a choice,” De Mooy said. “That means the privacy and security bar should be very high.”
Although the privacy policy does not mention MIDAS specifically, administration spokesman Albright says its general functions are described.